Security through layers in an intelligent electronic device

US 10,303,860 B2
Filed: 06/17/2015
Issued: 05/28/2019
Est. Priority Date: 10/04/2011
Status: Active Grant

First Claim

Patent Images

1. An intelligent electronic device (IED) comprising:

at least one sensor coupled to at least one power line of an electrical power distribution system and configured for measuring at least one power parameter of the at least one power line and generating at least one analog signal indicative of the at least one power parameter;

at least one analog to digital converter coupled to the at least one sensor configured for receiving the at least one analog signal and converting the at least one analog signal to at least one digital signal;

at least one first processor configured for executing at least one application, the at least one application requiring a security key, the security key including at least one component with each of the at least one component being stored in a different location, the security key being generated by iteratively encrypting a key with the at least one component, wherein at least one of the at least one component is changed after a predetermined period of time;

at least one second processor in communication with the at least one first processor, the at least one second processor configured to receive a message from the at least one first processor, retrieve the security key from at least one location, decrypt the message and return the decrypted message to the at least one first processor, anda storage device that stores measured and calculated data, wherein the message is a request for access to data stored in the storage device,wherein the message includes a payload key to be decrypted by the security key and the returned decrypted message includes a decrypted payload key to decrypt the at least one application in the at least one first processor.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present disclosure provides for improving security in a meter or an intelligent electronic device (IED) through the use of a security key which is unique to each meter or IED. Such a key may be used to prevent password reuse among multiple meters. Such a key may also be used to encrypt critical components of the software, such that only when running on the correct meter can the components of the software be decrypted. Such a key may also be used to uniquely identify the device in a larger data collection and management system. The security key can also be used to prevent the direct copying of meters. The present disclosure also provides for a meter or IED that stores functional software separately from core software.

268 Citations

23 Claims

1. An intelligent electronic device (IED) comprising:
- at least one sensor coupled to at least one power line of an electrical power distribution system and configured for measuring at least one power parameter of the at least one power line and generating at least one analog signal indicative of the at least one power parameter;
  
  at least one analog to digital converter coupled to the at least one sensor configured for receiving the at least one analog signal and converting the at least one analog signal to at least one digital signal;
  
  at least one first processor configured for executing at least one application, the at least one application requiring a security key, the security key including at least one component with each of the at least one component being stored in a different location, the security key being generated by iteratively encrypting a key with the at least one component, wherein at least one of the at least one component is changed after a predetermined period of time;
  
  at least one second processor in communication with the at least one first processor, the at least one second processor configured to receive a message from the at least one first processor, retrieve the security key from at least one location, decrypt the message and return the decrypted message to the at least one first processor, anda storage device that stores measured and calculated data, wherein the message is a request for access to data stored in the storage device,wherein the message includes a payload key to be decrypted by the security key and the returned decrypted message includes a decrypted payload key to decrypt the at least one application in the at least one first processor.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The IED of claim 1, wherein the message is the at least one application.
  - 3. The IED of claim 1, wherein the at least one second processor generates the security key.
  - 4. The IED of claim 1, wherein the at least one second processor decrypts at least one software application.
  - 5. The IED of claim 1, further comprising a private key for encryption and password generation and a public key for identifying the IED.
  - 6. The IED of claim 5, wherein the public key is a transport security layer (TSL) certificate.
  - 7. The IED of claim 5, wherein the at least one second processor generates a unique signature based on the private key and public key.
  - 8. The IED of claim 1, wherein the IED is one of a Programmable Logic Controller (PLC), a Remote Terminal Unit (RTU), an electric power meter, a revenue meter, a protective relay, a fault recorder, a phase measurement unit, a serial switch and a smart input/output device.
  - 9. The IED of claim 1, wherein the at least one sensor, at least one analog to digital converter, at least one first processor and at least one second processor are disposed in a housing.
  - 10. The IED of claim 9, wherein the housing is at least one of a socket/S-base housing, a panel meter housing, a switchboard/draw-out housing and a A-base housing.

11. An intelligent electronic device (IED) comprising:
- at least one sensor coupled to at least one power line of an electrical power distribution system and configured for measuring at least one power parameter of the at least one power line and generating at least one analog signal indicative of the at least one power parameter;
  
  at least one analog to digital converter coupled to the at least one sensor configured for receiving the at least one analog signal and converting the at least one analog signal to at least one digital signal;
  
  at least one first processor configured for executing at least one software application, the at least one application requiring a security key, the security key including at least one component with each of the at least one component being stored in a different location, the security key being generated by iteratively encrypting a key with the at least one component, wherein at least one of the at least one component is changed after a predetermined period of time; and
  
  at least one second processor in communication with the at least one first processor, the at least one second processor configured to receive a message from the at least one first processor, retrieve the security key from at least one location, decrypt the message and return the decrypted message to the at least one first processor, wherein the message is the at least one software application,wherein the message includes a payload key to be decrypted by the security key and the returned decrypted message includes a decrypted payload key to decrypt the at least one software application in the at least one first processor.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
- - 12. The IED of claim 11, wherein the at least one second processor generates the security key.
  - 13. The IED of claim 11, wherein the at least one second processor decrypts the at least one software application.
  - 14. The IED of claim 11, further comprising a private key for encryption and password generation and a public key for identifying the IED.
  - 15. The IED of claim 14, wherein the public key is a transport security layer (TSL) certificate.
  - 16. The IED of claim 14, wherein the at least one second processor generates a unique signature based on the private key and public key.
  - 17. The IED of claim 11, wherein the IED is one of a Programmable Logic Controller (PLC), a Remote Terminal Unit (RTU), an electric power meter, a revenue meter, a protective relay, a fault recorder, a phase measurement unit, a serial switch and a smart input/output device.
  - 18. The IED of claim 11, wherein the at least one sensor, at least one analog to digital converter, at least one first processor and at least one second processor are disposed in a housing.
  - 19. The IED of claim 18, wherein the housing is at least one of a socket/S-base housing, a panel meter housing, a switchboard/draw-out housing and a A-base housing.

20. An intelligent electronic device (IED) comprising:
- at least one sensor coupled to at least one power line of an electrical power distribution system and configured for measuring at least one power parameter of the at least one power line and generating at least one analog signal indicative of the at least one power parameter;
  
  at least one analog to digital converter coupled to the at least one sensor configured for receiving the at least one analog signal and converting the at least one analog signal to digital data; and
  
  at least one processor configured for executing at least one application, the at least one application requiring a security key, the security key including at least one component with each of the at least one component being stored in a different location, the security key being generated by iteratively encrypting a key with the at least one component, wherein at least one of the at least one component is changed after a predetermined period of time;
  
  wherein the at least one processor is configured to receive a message, retrieve the security key from at least one location, decrypt the message based on the retrieved key, andwherein the message includes a payload key to be decrypted by the security key and the decrypted message includes a decrypted payload key to decrypt the at least one application.
- View Dependent Claims (21, 22, 23)
- - 21. The IED of claim 20, further comprising a storage device that stores the measured digital data and calculated data, wherein the message includes a request for access to data stored in the storage device.
  - 22. The IED of claim 20, wherein the IED is one of a Programmable Logic Controller (PLC), a Remote Terminal Unit (RTU), an electric power meter, a revenue meter, a protective relay, a fault recorder, a phase measurement unit, a serial switch and a smart input/output device.
  - 23. The IED of claim 20, wherein the at least one sensor, at least one analog to digital converter and at least one processor are disposed in a housing, wherein the housing is at least one of a socket/S-base housing, a panel meter housing, a switchboard/draw-out housing and a A-base housing.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
EI Electronics LLC (Hubbell, Inc.)
Original Assignee
Electro Industries/Gaugetech
Inventors
Koval, Rory A., Zhu, Hai
Primary Examiner(s)
Le, Chau

Application Number

US14/742,061
Publication Number

US 20150310191A1
Time in Patent Office

1,441 Days
Field of Search
US Class Current
CPC Class Codes

G01D 4/004   Remote reading of utility m...

G01R 1/025   concerning dedicated user i...

G01R 19/2513   Arrangements for monitoring...

G01R 22/063   related to remote communica...

G06F 21/1011   to devices

G06F 21/12   Protecting executable software

G06F 21/14   against software analysis o...

G06Q 10/06   Resources, workflows, human...

G06Q 50/06   Energy or water supply

H04L 63/0435   wherein the sending and rec...

H04L 67/06   specially adapted for file ...

H04L 67/12   specially adapted for propr...

Y02B 90/20   Smart grids as enabling tec...

Y04S 20/30   Smart metering, e.g. specia...

Y04S 40/18   Network protocols supportin...

Y04S 40/20   Information technology spec...

Security through layers in an intelligent electronic device

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

268 Citations

23 Claims

Specification

Solutions

Use Cases

Quick Links

Security through layers in an intelligent electronic device

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

268 Citations

23 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links